Re: Locking out a user after several failed login attempts
| От | Jean-Yves F. Barbier |
|---|---|
| Тема | Re: Locking out a user after several failed login attempts |
| Дата | |
| Msg-id | 20110629180036.6635c4de@anubis.defcon1 обсуждение исходный текст |
| Ответ на | Re: Locking out a user after several failed login attempts (Mike Thomsen <mikerthomsen@gmail.com>) |
| Ответы |
Re: Locking out a user after several failed login attempts
|
| Список | pgsql-novice |
On Wed, 29 Jun 2011 11:43:00 -0400, Mike Thomsen <mikerthomsen@gmail.com>
wrote:
> Yes, we're logging all connections to the database.
I'm interested into that (you can it send to me as a PM.)
So, you just have to add a counter to your login table:
+------------------------------------+
| |
login attempt-----good----reset CTR to 1 |
| |
bad |
| |
CTR += 1 |
| |
CTR > 3?-------no-----------------------+
|
yes
|
revoke connect from bastarduser (until manually re-granted by dbA)
trigger alarm in security dpt
send 450kV into user's keyboard
--
Q: What do you call a half-dozen Indians with Asian flu?
A: Six sick Sikhs (sic).
В списке pgsql-novice по дате отправления: